Get Instant Access

First Name
Last Name
Company Name
Phone Number
By submitting this form, you agree to Distil's Terms of Service and Privacy Policy.
Thank you!
Error - something went wrong!

The Anatomy of Account Takeover Attacks

April 30, 2018

A Distil Research Lab Threat Report

Bad bots are on every website with a login page. Even yours.

Hackers and fraudsters use bots to validate sets of login credentials, gain access to credit card data, and sell personally identifiable information on the dark web. They also use stolen account data to transfer money, purchase goods, or spread a specific political agenda.

Key takeaways from the report include:

  • Patterns found in ATO attacks, and the one day a week you must be on high alert
  • The most popular tools used to commit these attacks, and their achilles heels
  • The contrasts between simple, moderate and sophisticated attacks, and how to detect and prevent each type of attack

“Every time a breach comes to light and consumer credentials are exposed, any business with a login page should prepare themselves for a swell of volumetric credential stuffing attacks. While bot operators may be purposeful in their strategy of carrying out ATO attacks, this data also renders them predictable. Organizations must educate themselves in order to identify the warnings signs, and be prepared for times when an attacker may strike.”

- Anna Westelius, Senior Director of Security Research at Distil Networks

Previous Flipbook
Mobile Bots: The Next Evolution of Bad Bots
Mobile Bots: The Next Evolution of Bad Bots

New research from the Distil Research Lab reveals a new type of bot—a mobile bot. Launched from both smart ...

Next Flipbook
2018 Bot Report Executive Summary
2018 Bot Report Executive Summary

Bad bots interact with applications in the same way a legitimate user would, making them harder to prevent....